Michael Hanscom

Enthusiastic ambivert. Geeky, liberal, friendly, curious, hopepunk; trying to be a good person. (he/him)

The Al-Can Highway is no more!

by

At least, according to Google’s nifty new Google Maps page, that’s the story.

No Alcan on Google

Realistically, I’m quite sure that this is simply because Google Maps doesn’t have the Canadian highway system in their database at the moment. Hopefully that’s only a temporary thing, as that is a search that returns good results in both Mapquest and Yahoo! Maps.

Still, it amused me.

Aside from that and the fact that Google Maps doesn’t work in Safari yet (they do say that they’re working on it), I’ve got to say that I’m very impressed. The maps are prettier than the other systems output, you can drag maps around within the interface (I followed the Glenn Highway out of Anchorage all the way out past Palmer just by dragging along), and from what Joel says, they’re more detailed in some respects than the other systems.

Worth playing with.

The Spammers Have Won (for now)

by

Until I have time to get in and do some rather major work on my webserver, I’m afraid that comments and TrackBacks are turned off. I really don’t like doing this — I like the interaction aspect, both getting into discussions and just knowing that people stop by here from time to time — but the attacks on the server have been too severe and too regular, and I’m tired of battling them.

I’m pretty sure that there have been three major things causing my problems.

  1. My server is just too old and slow to handle the attacks.

    Rather than paying for hosting space somewhere, I run my own webserver out of my apartment. This has quite a few advantages, in that I don’t have to worry about how much disk space I use, there are no bandwidth caps, and it’s allowed me to host websites for friends and family on the same server. However, the downside is that the server itself isn’t terribly powerful by today’s standards — only a single-processor 350Mhz G3.

    Now, really, that’s not that bad of a machine, and for general purposes — that is, serving static pages, which is what I started with years ago — it works wonderfully well. However, when I’m in the midst of getting hit by a spam attack, it just can’t handle the load, and it slows to the point of a virtual crawl. It’s never actually gone down — right now it’s showing a reported uptime of 197 days, 17 hours, and one minute — but there’s so much for it to process that it might as well go down.

    The issue is that comment attacks these days take the form of an automated script, or ‘bot’, that repeatedly and rapidly submits comments to the comment script on a weblog, sometimes hundreds of submissions per minute. While I have anti-spam measures such as MT-Blacklist installed, they still need to look at each submitted comment in order to determine whether it’s spam (and reject it), an actual user-submitted comment (and accept it), or something indeterminate (at which point it’s put into a moderation queue for me to look at).

    When I’m getting flooded with hundreds of comment submissions at a time, though, my server just can’t process the information fast enough to be able to respond, and my server essentially stops responding until it can work its way through everything.

  2. Renaming the comment script is pointless.

    One of the accepted methods of combatting the spam attacks is to rename the script that MT uses to accept and process comments, on the theory that the ‘bots’ that the spammers use then won’t be able to submit anything. This used to work, but now it’s painfully obvious that the spammers have upgraded their bots to parse through the HTML code of a page to find the name of the comment script. At this point, I can rename my comment script, and the attacks start again within a minute or two after I rebuild my site. So much for that idea.

  3. I made a mistake a while back that’s now biting me in the ass.

    The last time I set up my server, I made what in retrospect was obviously a mistake, though I didn’t think about it at the time. Each of the three primary accounts on my server — me, my dad, and Kirsten — use the same MySQL database for their MT data. Because of this, whenever a comment spam attack starts, it doesn’t matter which domain they’re aiming at — as the bot generally attacks by submitting a few comments to one entry ID number, then increments that by one and sends a few more comments, as it steps through entry IDs on the database it will end up hitting entries on every weblog in the database. A single comment attack on any single domain on my box can affect all three domains.

    Okay, yes, in retrospect, that was fairly amazingly dumb on my part. Of course, six months ago the comment spam attacks weren’t anywhere near the level that they are today, so it’s taken a while for this mistake to start showing the consequences. Things like this, however, are a big reason why I only provide hosting services for a few select friends and family, and I make sure they know that there may be occasional issues: as a sysadmin, I’m essentially learning as I go, which isn’t always the safest or most effective way to go about it. Kind of the webmaster’s version of driving by braille.

What I need to do now, then, is break everything down and start over. Luckily, I shouldn’t have to do a full nuke and pave on my server — just the MT systems. I need to do a complete export of all entries and comments for each weblog on the system, nuke the MySQL database that MT is using, then create three separate databases, reinstall MT, and re-import the weblogs. Not a fun process, but I think I should be able to do it fairly transparently, without losing all the various design tweaks and customizations we’ve made to the weblogs. It may result in anywhere from a few hours to a few days of downtime for the sites I host, but I’ll do my best to keep that to a minimum once I start.

Once I’ve done that, I’ll experiment with turning comments back on. I’m not entirely sure how that will go, as the spammers will still be able to attack, but at least at that point they’ll be limited to attacking one domain at a time instead of attacking one and getting two more in the process. This may or may not be enough to keep comments open…we’ll find out when I get to that point.

This has been a rough couple of days, and yesterday I skirted dangerously close to just pulling the plug on my server entirely. I started hosting my own websites back in 1995 because it was fun to do, and the project has grown over the years, always because I enjoyed it, and it’s fun to find all these neat new things that can be done. Installing MovableType, opening up comments to the world, hosting sites for Kirsten, Phil, and my dad — I love the fact that I can do this.

But these spam attacks have been taking all the fun out of it. Each time I see the server get hit and stop responding it gets more and more frustrating. Yesterday I was ready to just completely throw in the towel — at one point, even checking to see if it would be possible to import all my old entries into my LiveJournal account (it isn’t). Thankfully, after a couple hours of Prairie and Phil putting up with my whining and tossing ideas at me over IM, I just figured that even though I don’t like to do it, at this point simply turning off comments until I have a chance to rebuild the database and the MT installation was the best way to go.

So that’s where things stand at the moment. Feedback is still a good thing, so feel free to drop an e-mail my way if there’s something you’d like to toss my direction. Until I get the chance to spend a few hours/days doing maintenance on the box, though, this is how things stand.

iTunesSweet Home Chicago” by Blues Brothers, The from the album Blues Brothers, The (1980, 7:51).

Would you survive a horror movie?

by

You are so ALIVE

No psycho slayer is going to get between you and your right to life. You’re an ass-kicker, a charge taker, and if need be, a monster masher. You’re level-headed in sticky situations, you trust yout instincts, and you’re not afraid to get a little dirty while getting the job done. Simply put, you rock! But don’t get carried away. Even though your little brother might act like a creep sometimes, you definately shouldn’t be driving stakes through his heart!
Would you survive a horror movie? Find out @ She’s Crafty

Network Outage

by

One of the reasons I like Speakeasy — my ‘net connection just went down (and is still down as I type this, so nobody’s going to see this post until the issue is fixed). I called Speakeasy’s tech support, and got this automated message:

Thanks for calling Speakeasy. Some of our broadband customers in the greater Seattle area are currently reporting a network outage due to a vendor failure. We hope to have this resolved within 30 minutes.

(pause)

(big sigh)

If we’re lucky.

I can respect honesty like that.

Things seem to be up now, though (at least, DNS services are back, so websites are accessible again, though iChat can’t connect to the AIM network), so it was only about a ten minute outage. All in all, just a minor annoyance. These things happen.

iTunesBongo Tune” by Quarter from the album Essential Chillout (2000, 5:52).

Comments/TrackBack down until further notice

by

Dammit.

Comments and TrackBack pings are currently disabled at the server level back online for all sites I host (www.michaelhanscom.com, www.hanscomfamily.com, www.geekmuffin.com*). As I’ve done this at the server level, this is not reflected in the sites themselves: they all still look like they accept comments, but they won’t work.

I hope to be able to get them turned back on soon.

This may or may not be realistic. Much as I’d hate to have to turn them off permanently, unless I can find an effective block against the attacks that continue to cripple my server, it’s starting to look like a definite possibility.

This sucks.

Update: Okay, it’s all back up and running. One new software tweak, and another rename to the scripts.

I think I need to figure out a shell script that will rename the comment and trackback scripts, update the mt.cfg file with the new info, and then rebuild the sites on a weekly basis. Which wouldn’t be fun, but I really am running out of ideas short of entirely disabling comments and trackbacks or moving to another weblogging system, neither of which are very high on my list of things to do.

* Actually, www.geekmuffin.com will be ‘broken’ until a full rebuild is done. Unfortunately, as I don’t have rebuild rights for Kirsten’s site, she’ll need to do that on her own when she gets a moment. :)

iTunesBreathe” by Depeche Mode from the album Exciter (2001, 5:17).

Muppets are scary!

by

Remember how I was talking about my overactive imagination about a week ago? I had a conversation with Prairie yesterday that reminded me of a couple of perfect examples of this.

The freakin’ Muppets used to give me nightmares. How sad is that?

There are two specific Muppet-related nightmares that I remember clearly. And I do mean clearly — they don’t scare me anymore, but the memories are vivid enough (especially for someone who generally doesn’t remember their dreams) that I know they were pretty traumatizing at the time.

I don’t know if the first was based upon any specific Muppet episode or not. All I do remember is walking through my house at night, with huge — and by huge, I mean the size of large dogs — fuzzy Muppet spiders crawling out of hampers, through doors, over windowsills, and generally throughout the house, trying to get me.

The second is, in retrospect, the more amusing of the two. One of the recurring skits on the Muppet Show was a newscaster reading some bizarre bit of news, after which he’d invariably fall victim to whatever gag he was setting up. In one particular skit, the news item was about strange cases of household furniture suddenly coming alive and attacking people. Of course, after reading the news flash, suddenly his desk opened its eyes, the drawer slid open like a mouth, and it chased him off set.

For months after that, I’d have nightmares of being chased around the house by furniture with big googley Muppet eyes and foam teeth.

It’s funny now. But at that point?

Muppets were scary!

iTunesLong Time” by Clumsy Lovers, The from the album Barnburner (1999, 3:31).

Pigface, Sheep on Drugs, and MY BIRTHDAY

by

This is too damn cool.

The Pigface Free For All Tour is going to be coming through Seattle.

Pigface Free for All tour

Pigface and Sheep on Drugs (and Nocturne, and possibly The Damage Manual and The Countdown) in concert — and they’re performing at the Fenix Underground on Tuesday, May 3rd.

My birthday.

I’m so there.

(many thanks to Syren666 for mentioning this!)

iTunes15 Minutes of Fame” by Sheep on Drugs from the album Sheep on Drugs Greatest Hits (1993, 5:06).

Emerald City ComiCon

by

“I’m not funny — I’m freakishly obsessed!” I burst out laughing when I heard this (thoroughly embarrassing the girl who’d said it, I think), but it seemed as oddly appropriate as it was amusing while I wandered around the Emerald City ComiCon this morning.

Emerald City ComiCon, Seattle, WA

I’d heard about the con just a couple of days ago, and decided to go more or less on a whim this morning when I had nothing else planned for the day. I wasn’t entirely sure what to expect, as I’ve never been a major comic collector, and my only prior experience of any sort with comic conventions was watching Chasing Amy. As it turns out, though, that wasn’t bad mental image to have going in: lots of people wandering around in everything from street clothing to full Stormtrooper regaliaThe inevitable Star Wars costumes, Emerald City ComiCon, Seattle, WA, lots of booths with various merchandise and wares for sale, and lots of authors and artists available to meet.

Since I didn’t have any particular agenda or people I wanted to see — to be honest, I only recognized a select few of the names I saw on the placards on each booth — I just spent a couple hours wandering around the show floor, seeing what there was to see, and doing a lot of peoplewatching.

A few random highlights:

  • Insanely Twisted Rabbits by Michael Gagné, Emerald City ComiCon, Seattle, WAMichael Gagné’s Insanely Twisted Rabbits: Hilarious drawings of rabbits viewed through either a seriously twisted imagination or a lot of illegal pharmaceuticals. Or both. When it comes to rabbits with big, sharp, nasty, pointy teeth, I’m afraid that Monty Python has nothing on these bunnies.

  • Book binding and sculpture by Catalyst Studios, Emerald City ComiCon, Seattle, WACatalyst Studios’ masks and book bindings: Some absolutely incredible work in these. Books that had been re-bound with skulls and faces emerging from their covers (some of which were actual books with new covers, others were blank notebooks suitable for journaling or sketching), masks that strongly reminded me of the ballroom scene in Labyrinth, and lots of smaller sculpture work. Beautiful stuff.

  • While I was wandering around Bumbershoot last year, I ran into a girl who got a good laugh out of my “I’m just here to get laidmessenger bag. She ran into me again today and recognized me, and we ended up chatting for a few minutes. I gave her my e-mail and website address so that she could track down the right page and order a book or shirt for herself. I knew there had to be a few more people out there that thought it was funny!

  • Kilt fans, Emerald City ComiCon, Seattle, WA As I was walking along at one point, I noticed a girl talking with her friends shooting a look in my direction. Suddenly, all three of her friends suddenly swiveled around to look in my direction, and I cracked up. As I figured, they’d noticed and were admiring my Utilikilt. We chatted for a few minutes, then they took a picture of me and I took one of them. So, somewhere out there on some guy’s digital camera is a shot of me from today — if by any random chance he happens to see this, I’d love a copy of the shot!

  • Jhonen Vasquez, Emerald City ComiCon, Seattle, WA From what I could see, the biggest draw to this year’s ComiCon was the chance to get an autograph from Jhonen Vasquez, creator of Johnny the Homicidal Maniac and Invader Zim. I didn’t bother taking the time to stand in line, but I did get to get a quick shot of him between a few fans as he was signing merchandise. Turns out he looked more or less exactly as you’d expect he would from his work — which in an odd way, was a minor bummer. I was kind of hoping he’d be some pudgy, poorly shaven, badly dressed forty-something white guy that looked more like a redneck or a trucker. Just because in my world, that would be really funny.

All in all, not a bad way to spend the morning. As usual, there’s a few more shots from the day in a Flickr photoset.

iTunesEdge of Wisdom, The (2002)” by Beborn Beton from the album Tales From Another World (1993, 4:21).

Naked robbery warning!

by

WARNING:

A scam is being pulled, mainly on older men.

What happens is that when you stop for a red light, a young nude woman comes up and pretends to be washing your windshield. While she is doing this, another person opens your back door and steals anything in the car.

They are very good at this: They got me 7 times Friday and 5 times Saturday.

I wasn’t able to find them on Sunday.

(via the Urban Legends Reference Pages, because apparently some people can’t figure out that this is a joke)